Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-4886

When migrating between external user directories, external users that existed in both will lose locally set groups

    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • None
    • None
    • None
    • 22
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Derived from BSERV-9657.

      Summary

      When migrating between external user directories that are configured as Read Only with local groups, any users that existed in both directories and had custom local groups set will lose those local groups when the old user directory is disabled.

      Steps to Reproduce

      1. Connect Bitbucket to LDAP and sync a user, let's call her Susan. At this point, Susan should be a member of the default users group, e.g. bitbucket-users
      2. Create a new group in Bitbucket, bitbucket-local-test, and add Susan to that group
      3. Connect Bitbucket to a new ActiveDirectory server, also containing the user Susan
      4. Sync the new directory. At this stage, Susan should be a member of bitbucket-users, of your bitbucket-local-test group, and of whatever other groups were defined in LDAP and your new ActiveDirectory
      5. Disconnect the original LDAP server and check Susan's group memberships

      Expected Results

      Using the above example, Susan should continue to be a member of the bitbucket-local-test group. In other words, a user's local groups should be retained, independent of the source user directory

      Actual Results

      Susan's membership to the bitbucket-local-test group disappears. Local groups are lost during a migration between external directories.

      Workaround

      Re-add the users to their local directories, or manage them fully in the external user directory server and do not use the Read only with local groups setting

            [CWD-4886] When migrating between external user directories, external users that existed in both will lose locally set groups

            SET Analytics Bot made changes -
            Support reference count Original: 21 New: 22
            SET Analytics Bot made changes -
            Support reference count New: 21
            Katherine Yabut made changes -
            Workflow Original: JAC Suggestion Workflow [ 3388258 ] New: JAC Suggestion Workflow 3 [ 3630134 ]
            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 [ 1957119 ] New: JAC Suggestion Workflow [ 3388258 ]
            Issue Type Original: Improvement [ 4 ] New: Suggestion [ 10000 ]
            Status Original: Needs Verification [ 10004 ] New: Gathering Interest [ 11772 ]
            Owen made changes -
            Symptom Severity Original: Minor [ 14432 ] New: Severity 3 - Minor [ 15832 ]
            Pawel Niegowski (Inactive) made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 - restricted [ 1772403 ] New: Simplified Crowd Development Workflow v2 [ 1957119 ]
            Issue Type Original: Bug [ 1 ] New: Improvement [ 4 ]
            Marcin Kempa made changes -
            Status Original: Open [ 1 ] New: Needs Verification [ 10004 ]
            Brent P made changes -
            Link New: This issue is duplicated by BSERV-9657 [ BSERV-9657 ]
            Brent P made changes -
            Description New: Derived from [BSERV-9657|https://jira.atlassian.com/browse/BSERV-9657].

            h3. Summary
            When migrating between external user directories that are configured as _Read Only with local groups_, any users that existed in both directories and had custom local groups set will lose those local groups when the old user directory is disabled.

            h3. Steps to Reproduce
            # Connect Bitbucket to LDAP and sync a user, let's call her Susan. At this point, Susan should be a member of the default users group, e.g. *bitbucket-users*
            # Create a new group in Bitbucket, *bitbucket-local-test*, and add Susan to that group
            # Connect Bitbucket to a new ActiveDirectory server, also containing the user _Susan_
            # Sync the new directory. At this stage, Susan should be a member of *bitbucket-users*, of your *bitbucket-local-test* group, and of whatever other groups were defined in LDAP and your new ActiveDirectory
            # Disconnect the original LDAP server and check Susan's group memberships


            h3. Expected Results
            Using the above example, Susan should continue to be a member of the *bitbucket-local-test* group. In other words, a user's local groups should be retained, independent of the source user directory

            h3. Actual Results
            Susan's membership to the *bitbucket-local-test* group disappears. Local groups are lost during a migration between external directories.

            h3.Workaround
            Re-add the users to their local directories, or manage them fully in the external user directory server and do not use the _Read only with local groups_ setting
            Brent P created issue -

              Unassigned Unassigned
              bplump Brent P
              Votes:
              4 Vote for this issue
              Watchers:
              13 Start watching this issue

                Created:
                Updated: